Bug#499945: Segfault in asn1_get_tag_der().
simon at josefsson.org
Thu Sep 25 19:37:40 UTC 2008
Andreas Metzler <ametzler at downhill.at.eu.org> writes:
> On 2008-09-24 Kurt Roeckx <kurt at roeckx.be> wrote:
>> On Wed, Sep 24, 2008 at 08:05:24PM +0200, Andreas Metzler wrote:
>>> Have you got any special settings in ~/lynxrc?
>> No, it's the default setting.
>> But it seems to be related to me using MALLOC_CHECK_=2 in the
>> enviroment. I thought I've set it to 0 to make sure it wasn't
>> related. But trying to unset or set it to 0 now stops the segfault.
>> Also not that the check even with set to 3 it doesn't print any error
> Running with MALLOC_CHECK_=2 indeed makes the crash reproducible on
Can you reproduce it using gnutls-cli?
I'm having trouble finding a amd64 machine where I can install
gnutls-bin on, but I have access to a amd64 machine where I built
libgpg-error, libgcrypt, libtasn1 and gnutls manually. gnutls-cli seems
to work fine on it though:
jas at gcc12:~$ dpkg -l|grep -e 'libc6 '
ii libc6 2.3.6.ds1-13etch5 GNU C Library: Shared libraries
jas at gcc12:~$ uname -a
Linux gcc12 2.6.18-6-vserver-amd64 #1 SMP Thu Apr 24 04:24:04 UTC 2008 x86_64 GNU/Linux
jas at gcc12:~$ MALLOC_CHECK_=2 gnutls-cli -p 443 acrobat.com
Connecting to '220.127.116.11:443'...
- Certificate type: X.509
- Got a certificate list of 1 certificates.
- Certificate info:
# The hostname in the certificate matches 'acrobat.com'.
# valid since: Sun Jun 1 23:40:25 CEST 2008
# expires at: Tue Jun 2 23:40:25 CEST 2009
# fingerprint: 1F:C8:33:05:9E:C2:3A:A6:DB:9E:B2:8F:75:6E:08:24
# Subject's DN: C=US,O=www.acrobat.com,OU=GT20733021,OU=See www.geotrust.com/resources/cps (c)08,OU=Domain Control Validated - Power Server ID(TM),CN=www.acrobat.com
# Issuer's DN: C=US,O=Equifax,OU=Equifax Secure Certificate Authority
- Peer's certificate issuer is unknown
- Peer's certificate is NOT trusted
- Version: TLS1.0
- Key Exchange: RSA
- Cipher: AES-256-CBC
- MAC: SHA1
- Compression: NULL
- Handshake was completed
- Simple Client Mode:
*** Fatal error: A TLS packet with unexpected length was received.
*** Server has terminated the connection abnormally.
jas at gcc12:~$
More information about the Pkg-gnutls-maint